Two Strategies for Addressing the Cybersecurity Skills Shortage

Stephan Tallent • Level 3 Communications

Anyone trying to hire a security professional for their organization understands there is a shortage of people with the skills needed to plan, design, implement and manage a cybersecurity strategy. According to a recent Enterprise Strategy Group survey1, 46 percent of organizations claim they have a problematic shortage of cybersecurity skills.

The lack of skilled cybersecurity professionals could stall our growing digital economy. Networks are undergoing dramatic transformations, fueled by BYOD, the internet of things, virtualization and cloud deployments. At the same time, cyber threats are escalating in prevalence, sophistication and impact.

The question everyone is asking is, where will we find the skilled resources to fill this gap?

External Resources

The shortage of security expertise combined with increased awareness of cyber risk, mounting compliance regulations and penalties, and the complexity of security defensive measures, is driving the market growth for managed security service providers (MSSPs).

For understaffed organizations seeking to ensure they can effectively manage security threats, the option of migrating risk out of their IT departments and into the hands of professional MSSPs is a reasonable option.

MSSPs provide hardware, software and engineering services that customers consume as a monthly service fee. This provides a cost effective method of helping meet the people, processes and technology requirements for securing today’s businesses against advanced and persistent attacks.

Tapping Veterans

Fortinet and Level 3 are acutely aware of the security personnel issue and have identified a promising pool of individuals with the skilled resources so critical to advancing our digital economy — transitioning veterans.

Veterans can excel as security operators for many reasons. While typically not trained in cybersecurity specifically, they have compatible skills and experience, such as the ability to learn new skills and concepts under pressure, which makes them ideal candidates for new disciplines and job functions in cybersecurity. Many have also been trained in the use of some of the most advanced technologies available. In addition, the military operating environment and the cybersecurity industry share similar success criteria: a capacity to accomplish priorities on time, the critical importance of staying with a task until it is done right and attention to detail and process.

At Fortinet, our experience bears this out; many veterans are successfully completing programs like Fortinet’s Veteran’s program (FortiVet) training, even though they had little to no prior cybersecurity experience.

The cybersecurity industry offers a unique opportunity for military veterans. Today, the post-9/11 unemployment rate for veterans is close to 6 percent, while the security engineer unemployment rate is zero percent. And while every year 250,000 more veterans transition out of the military, according to Forbes, a recent report estimates one million new cybersecurity jobs will be created in 2016 alone. Over 200,000 of today’s cyber jobs are unfilled, with demand for security professionals predicted to grow 53 percent by 2018. With the opportunity that exists and the alignment of skills, you’d think veterans would be lining up to fill positions in cybersecurity. Unfortunately, that’s not the case. Too many veterans simply remain unaware of the opportunities that exist in the cybersecurity field.

As an industry, we can and should do more to provide information and implement transition programs that prepare veterans for positions in the cybersecurity marketplace. Over the past year, Fortinet and Level 3 have worked proactively to help transitioning veterans enter the cybersecurity industry. We look forward to continuing this effort because the payoffs are clear – for our industry, our economy and our veterans.